<?php
    /**
     * Upload file handler (AJAX).
     * For each file, copies it from temporary upload directory to
     * uploads directory.  Temporary directory assumed to be the
     * PHP specified temporary upload directory.
     */



include('./includes/dbconnection.php'); // open db connection
include('../includes/config.php');

// $result = mysql_query("SELECT * FROM Assets") or die(mysql_error());

// $sqlGetIDQuery = "INSERT INTO Assets (Title) values ('')";

// foreach ($_FILES as $fieldName => $file) {
//   move_uploaded_file($file['tmp_name'], "./uploads/" . $file['name']);
// }

$tmpfname = tempnam("uploads/","u_");


if ($_FILES["file"]["error"] > 0){
    echo "Return Code: " . $_FILES["file"]["error"] . "<br />";
}else{
    move_uploaded_file($_FILES["file"]["tmp_name"],
        //      "uploads/" . $_FILES["file"]["name"]);
        $tmpfname);
}





// only allow one file to be uploaded at a time
// $tmpfname = tempnam("./uploads","u_");
// we toss away the name of the file uploaded
// move_uploaded_file($_FILES['file']['tmp_name'], "./uploads/" . $_FILES['file']['name']);
// The user may have entered this information as they were uploading.
// Title is what will be displayed in file tree
// Description will be displayed under tree view
// Path is a / separated "category"
// TODO: AddedUser, AddedDate to be completed
// $_REQUEST['Title']
// $_REQUEST['Description']
// $_REQUEST['Path']
// $_REQUEST['Media']
// $_REQUEST['AddedUser']
// $_REQUEST['AddedDate']

$sqlSetFields = "";
$sqlInsert = "";

if( isset($_FILES['file']["name"]) && !empty($_FILES['file']["name"])){
    $sqlSetFields .= "Name=";
    $sqlSetFields .= "'".$_FILES['file']["name"]."'";
}


if( isset($_REQUEST["Title"]) && !empty($_REQUEST["Title"])){
    $sqlSetFields .= ", Title=";
    $sqlSetFields .= "'".$_REQUEST["Title"]."'";
}

if(isset($_REQUEST["Description"]) && !empty($_REQUEST["Description"])){
    $sqlSetFields .= ", Description=";
    $sqlSetFields .= "'".$_REQUEST["Description"]."'";
}

if( isset($_REQUEST["Path"]) && !empty($_REQUEST["Path"])){
    $sqlSetFields .=", Path=";
    $sqlSetFields .= "'".$_REQUEST["Path"]."'";
}


if( $sqlSetFields != "" ){


    $tmpdestname = tempnam($assetRoot,"A_");
    $tmpdestname .= '.'.substr($_FILES['file']['name'], strrpos($_FILES['file']['name'], '.') + 1);

    if(copy ($tmpfname , $tmpdestname )){
        // unlink($tmpfname);
    }

    // Get relative portion of filename without assetRoot at beginning
    $relativedest = substr($tmpdestname, strlen($assetRoot));

    $sqlSetFields .= ", Filename='" .$relativedest."'";

    $mimeType = mime_content_type($tmpdestname);
    $sqlSetFields .= ", Media='" .$mimeType."'";

    $sqlSetFields = trim($sqlSetFields, ", ");

    $sqlInsert = "INSERT INTO Assets SET ".$sqlSetFields;

    // echo $sqlInsert;

    if (!mysql_query($sqlInsert))
    {
        die('<HTML><BODY>Error: ' . mysql_error() .'<br/>'.$sqlInsert.'</body></html>');
    } else {
        $myID = mysql_insert_id();
    }
}


?>